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Abstract/Summary 

Much  of  the  work  on  quantum  networks,  both  entangled  and  unentangled,  has  been 
about  the  uses  of  quantum  networks  to  enhance  end-host  security.  The  most 
famous  such  application,  of  course,  is  quantum  key  distribution  (QKD),  detecting 
eavesdroppers  and  creating  shared,  secret  random  numbers  for  use  as  encryption 
keys  (Bennett  &  Brassard,  1984).  Typically  the  study  of  these  applications 
involves  information-theoretic  analysis  of  the  amount  of  information  that  an 
attacker  can  glean  from  the  use  of  the  network. 

In  this  project,  we  addressed  security  and  quantum  networks  from  an  entirely 
different  angle-  we  investigated  the  security  of  the  networks  themselves.  We 
wanted  to  know  if  a  single  mis-behaving  node,  or  a  small  number  of  them,  can 
disrupt  operation  of  the  network. 

Our  work  produced  a  first-of-its-kind  taxonomy  of  potential  attacks  on  quantum 
repeater  network  operations. 

Results 

First,  we  examined  the  set  of  possible  actions  that  an  attacker  can  deploy  against 
the  network,  enumerating  differences  from  classical  networks.  Quantum 
networks,  of  course,  depend  upon  successful  creation  of  high-fidelity  entanglement 
at  the  link  level,  which  requires  both  good  environmental  isolation  and  real-time 
operation. 

It  is  clear  that  tapping  a  fiber  makes  for  an  excellent  denial  of  service  attack  against 
QKD  across  that  link.  What  is  less  clear  at  the  moment  is  to  what  extent 
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larger-scale  disruption  of  the  network  can  be  effected  through  either  physical 
means  (e.g.,  entanglement  with  in-progress  states)  or  gaming  of  the  control 
protocols  (e.g.,  via  manipulation  of  the  routing  protocols  to  increase  latency, 
affecting  real-time  operation). 

We  created  a  taxonomy  of  possible  attacks  on  repeater  nodes,  published  in  SENT 
2015  (Suzuki  &  Van  Meter,  2015).  We  modeled  our  taxonomy  after  security 
taxonomies  for  RFID  tags,  because  both  RFID  tags  and  quantum  links  and  nodes 
are  sensitive  to  their  local  environment,  and  attacks  at  the  physical  level  are  of 
importance.  We  assess  points  of  vulnerability  in  terms  of  confidentiality,  integrity, 
and  availability. 

Our  model  distinguishes  among  interface  qubits,  which  are  directly  coupled  to  an 
external  optical  channel,  and  buffer  and  terminal  qubits,  which  reside  in  repeaters 
or  end  respectively  and  are  physically  isolated  from  the  optical  channel.  Evidence 
from  recent  experiments  has  shown  that  interface  qubits,  or  direct  measurement  of 
optical  states  arriving  from  the  uncontrolled  channel,  are  vulnerable  to  being 
manipulated  by  external  parties  (Jogenfors,  Elhassan,  Ahrens,  Bourennane,  & 
Larsson,  2015).  Tests  of  entanglement  built  on  quantum  tomography,  which  are 
crucial  to  the  proper  operation  of  the  quantum  repeater  network,  are  vulnerable  to 
being  hacked.  Thus,  operation  of  the  quantum  repeater  network  is  vulnerable  to 
undetectable  disruption  of  the  network  operation.  This  is  equivalent  to  the  classical 
Internet  silently  corrupting  data  somewhere  along  a  network  path  without  the 
benefit  of  hop-by-hop  error  detection  and  correction.  End-to-end  checks  may  reveal 
that  the  entanglement  has  not  been  properly  realized,  but  determining  where  along 
the  path  corruption  occurred  may  be  difficult,  resulting  in  a  disruption  of  network 
operation.  Nodes  may  be  unable  to  successfully  reroute  traffic,  leaving  them 
completely  unable  to  communicate.  This  represents  a  new  type  of  vulnerability  in 
network  operation,  compared  to  classical  networks. 

This  leads  us  to  the  following  security  recommendation:  Security  of  network 
operation  appears  to  require  that  tests  of  entanglement  be  done  only 
once  data  has  been  moved  to  qubits  physically  isolated  from  the  external 
channel  (e.g.,  done  only  terminal  or  buffer  qubits).  Thus,  our 
recommendation  is  that  specifications  for  nodes  intended  to  form  a  future  Quantum 
Internet  be  required  to  support  two  classes  of  physically  distinct  qubits  inside  the 
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system,  in  order  to  allow  secure  quantum  tomography  and  maintain  high 
availability  for  the  Quantum  Internet. 

Future  Work  and  Industry  Impact 

This  work  has  primarily  focused  on  the  attacks  possible  on  individual  nodes.  We 
look  forward  to  conducting  additional  work  on  understanding  the  behavior  of 
networks,  and  whether  the  proportion  of  network  traffic  that  can  be  undermined 
scales  more  readily  in  quantum  networks  than  in  classical  networks. 

Our  presentation  at  the  SENT  workshop  attracted  the  attention  of  computer  and 
network  researchers  from  Cisco  Systems.  Over  the  last  eighteen  months,  we  have 
had  continuing  conversations  with  Cisco  about  the  future  of  quantum  repeater 
networks  and  the  security.  Cisco  has  expressed  interest  in  funding  additional  work 
in  this  area. 
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